Add ifdefs for psa_internal_export_key function

MBEDTLS_PK_WRITE_C only requires either MBEDTLS_RSA_C or MBEDTLS_ECP_C to be defined. Added wrappers to handle the cases where only one has been defined. Moved mbedtls_pk_init to be within the ifdefs, so it's only called if appropriate.
2025-01-22 10:31:06 +00:00 · 2018-07-24 16:33:30 +01:00 · 2018-07-24 16:33:30 +01:00 · 9e2d7a09f1
parent 10ccc641ac
commit 9e2d7a09f1
2 changed files with 11 additions and 1 deletions
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@ -1174,6 +1174,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
 * \retval #PSA_SUCCESS
 * \retval #PSA_ERROR_EMPTY_SLOT
 * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
 * \retval #PSA_ERROR_COMMUNICATION_FAILURE
 * \retval #PSA_ERROR_HARDWARE_FAILURE
 * \retval #PSA_ERROR_TAMPERING_DETECTED
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -787,16 +787,25 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
        {
            mbedtls_pk_context pk;
            int ret;
-            mbedtls_pk_init( &pk );
            if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
            {
+#if defined(MBEDTLS_RSA_C)
+                mbedtls_pk_init( &pk );
                pk.pk_info = &mbedtls_rsa_info;
                pk.pk_ctx = slot->data.rsa;
+#else
+                return( PSA_ERROR_NOT_SUPPORTED );
+#endif
            }
            else
            {
+#if defined(MBEDTLS_ECP_C)
+                mbedtls_pk_init( &pk );
                pk.pk_info = &mbedtls_eckey_info;
                pk.pk_ctx = slot->data.ecp;
+#else
+                return( PSA_ERROR_NOT_SUPPORTED );
+#endif
            }
            if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
                ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );